photonuriacastilla.com
Open in
urlscan Pro
109.70.131.187
Malicious Activity!
Public Scan
Submission: On June 16 via automatic, source openphish
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on May 26th 2019. Valid for: 3 months.
This is the only time photonuriacastilla.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Crédit Lyonnais (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 16 | 109.70.131.187 109.70.131.187 | 45037 (HISPAWEB-...) (HISPAWEB-NETWORK) | |
15 | 1 |
ASN45037 (HISPAWEB-NETWORK, ES)
PTR: hosting.hispaweb.com
photonuriacastilla.com | |
www.photonuriacastilla.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
photonuriacastilla.com
1 redirects
photonuriacastilla.com www.photonuriacastilla.com |
424 KB |
15 | 1 |
Domain | Requested by | |
---|---|---|
15 | photonuriacastilla.com |
1 redirects
photonuriacastilla.com
|
1 | www.photonuriacastilla.com |
photonuriacastilla.com
|
15 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
photonuriacastilla.com Let's Encrypt Authority X3 |
2019-05-26 - 2019-08-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://photonuriacastilla.com/wp-content/mail/03321/index2.php
Frame ID: F5E14483923F929A5EB3F3FDF736E65B
Requests: 15 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- https://photonuriacastilla.com/SCUW/images/parcours/fond-cadenas.jpg HTTP 301
- https://www.photonuriacastilla.com/SCUW/images/parcours/fond-cadenas.jpg
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index2.php
photonuriacastilla.com/wp-content/mail/03321/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.5.1.js
photonuriacastilla.com/wp-content/mail/03321/NEW/ |
83 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
reset-0.9.css
photonuriacastilla.com/wp-content/mail/03321/NEW/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BPGridGenerator.jsp
photonuriacastilla.com/wp-content/mail/03321/NEW/ |
6 KB 7 KB |
Stylesheet
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clavier.css
photonuriacastilla.com/wp-content/mail/03321/NEW/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
general.css
photonuriacastilla.com/wp-content/mail/03321/NEW/ |
23 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header.css
photonuriacastilla.com/wp-content/mail/03321/NEW/ |
9 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
formulaire.css
photonuriacastilla.com/wp-content/mail/03321/NEW/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clavier.js
photonuriacastilla.com/wp-content/mail/03321/NEW/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ss.js
photonuriacastilla.com/wp-content/mail/03321/img/ |
931 B 766 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.gif
photonuriacastilla.com/wp-content/mail/03321/img/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.css
photonuriacastilla.com/wp-content/mail/03321/img/ |
97 KB 97 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
photonuriacastilla.com/wp-content/mail/03321/img/ |
134 KB 134 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fond-cadenas.jpg
www.photonuriacastilla.com/SCUW/images/parcours/ Redirect Chain
|
16 KB 16 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sasa.png
photonuriacastilla.com/wp-content/mail/03321/img/ |
30 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Crédit Lyonnais (Banking)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| addCode function| emptyCode boolean| encodeXor function| encodeBase64LCL function| myXOR function| createCookie function| readCookie function| saveIdentifiant function| removeIdentifiant function| saveIdentifiantBel function| validateForm function| date_heure object| date number| annee number| moi object| mois number| j number| jour object| jours number| h string| m number| s string| resultat boolean| flag0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
photonuriacastilla.com
www.photonuriacastilla.com
109.70.131.187
047dd6cc726a073dee019cb03ba0a8903b74195bafc1771ac320481430a535da
094df68d385da742959a3811ec203d450a2db599bca402ab54e2a4471f9f4b7d
270ee5dfefe4197510cc391cd92f51c69373aceb26141c59fa939768439fab2e
2ab2773dbca2d31f235c84cf688f1805a47ec61ed2550423ebcbf471ab01e6ac
3de3ffe79cc57f3699ac9d3cb4f1531c36cba6f224967b1c9ea7047cc44f78c5
4cb8b261e20b3a2ffe9f68b6ec4919c91c1dde8279562dc332be86a1b7e53a3f
5604120e254d101f2429c7461e2f2ae954fc86b73243c7e0e9b91d93568a71b7
5da64bc9959f10b1e64701b56bb2b15bf6a5c1ca23532ab1bf91ddb66f2f038c
6ff4f2de56ff3b203abb5ca12c5a2ab31a191c9cb8414aa80447c5b18d03520b
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
83e616960727693c4122314d8a56e1ee9e6454350356f53cbfafca4f38ebfd22
8d35c3b035177092c5077a8288b9bde03d066c661fa3a9cfe04199f9d331f357
99f9c1defa03ce48872f7f0417061ba7e14970f467bc41a1477629929523cf85
adeebd4d4b63ea80f1b76ea0cef84e6bade7263dd94c1506a655719ec31cb4fc
ff36edc6d8930470eb93a5b526adae0a2046cb9c33b165ff6ee63783a8468196